WordPress.org

Ready to get started?Download WordPress

Forums

WP1.5: Allow users to edit their own comments (11 posts)

  1. maven
    Member
    Posted 9 years ago #

    Currently, users can only edit posts made to their own posts, but not those comments made to posts of other users. This worked fine in WP 1.2

  2. lawtai
    Member
    Posted 9 years ago #

    I'm pretty sure that 1.2 worked the same way as 1.5 does right now. You can only edit your own posts, and those that commented to your post. You'd need to change a variable in the functions.php file I believe, but I can't remember which one it was.

  3. maven
    Member
    Posted 9 years ago #

    I think you're right. I had hacked 1.2 so that equal level users couldn't edit each other's posts.

    But it would indeed be very helpful, if (in wp-includes/functions-post.php)
    function user_can_edit_post_comments($user_id, $post_id, $blog_id = 1) would get the actual comment as argument, so that such a check can easily be incorporated.

  4. nishishei
    Member
    Posted 9 years ago #

    Can you guys be more specific on what to do to make that possible on WP1.5? I really need my commenters to be able to edit their own comments (even on others' posts). Thanks.

  5. maven
    Member
    Posted 9 years ago #

    Sure. Here's the diff. I essentially added a comment_id argument to user_can_edit/delete_post and then changed these functions to allow a user to edit their own comments IF
    - they either wrote the original post, or
    - have the same userlevel as the post author (could be changed to e.g. userlevel >= 1 ) and have the same nickname as the one used on the comment.

    diff -uNr wp1.5wp-adminedit-comments.php wp1.5_ev1lwp-adminedit-comments.php
    --- wp1.5wp-adminedit-comments.php Fri Feb 11 02:00:38 2005
    +++ wp1.5_ev1lwp-adminedit-comments.php Tue Feb 22 16:23:00 2005
    @@ -43,7 +43,7 @@
    $comment = (int) $comment;
    $post_id = $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
    $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
    - if ( user_can_delete_post_comments($user_ID, $post_id) ) :
    + if ( user_can_delete_post_comments($user_ID, $post_id, $comment) ) :
    $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_ID = $comment");
    ++$i;
    endif;
    @@ -93,10 +93,10 @@
    <?php comment_text() ?>

    <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A');
    - if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID) ) {
    + if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID, $comment->comment_ID) ) {
    echo " | <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>";
    }
    - if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) {
    + if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID, $comment->comment_ID) ) {
    echo " | <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by '%s'\n 'Cancel' to stop, 'OK' to delete."), $comment->comment_author) . "')\">" . __('Delete Comment') . "</a> — ";
    } // end if any comments to show
    // Get post title
    @@ -138,15 +138,15 @@
    $class = ('alternate' == $class) ? '' : 'alternate';
    ?>
    <tr class='<?php echo $class; ?>'>
    - <td><?php if (user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
    + <td><?php if (user_can_delete_post_comments($user_ID, $comment->comment_post_ID, $comment->comment_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
    <td><?php comment_author_link() ?></td>
    <td><?php comment_author_email_link() ?></td>
    <td><a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></td>
    <td><?php comment_excerpt(); ?></td>
    <td><a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a></td>
    - <td><?php if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID) ) {
    + <td><?php if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID, $comment->comment_ID) ) {
    echo "<a href='post.php?action=editcomment&amp;comment=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td>
    - <td><?php if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) {
    + <td><?php if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID, $comment->comment_ID) ) {
    echo "<a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by '%s'\n 'Cancel' to stop, 'OK' to delete."), $comment->comment_author) . "')\" class='delete'>" . __('Delete') . "</a>"; } ?></td>
    </tr>
    <?php
    diff -uNr wp1.5wp-adminpost.php wp1.5_ev1lwp-adminpost.php
    --- wp1.5wp-adminpost.php Mon Feb 14 09:46:08 2005
    +++ wp1.5_ev1lwp-adminpost.php Tue Feb 22 16:25:00 2005
    @@ -464,7 +464,7 @@
    $comment = $_GET['comment'];
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));

    - if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to edit comments on this post.');
    }

    @@ -486,7 +486,7 @@
    $p = $_GET['p'];
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    - if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to delete comments on this post.');
    }

    @@ -528,7 +528,7 @@
    $postdata = get_postdata($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));

    - if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to edit comments on this post.');
    }

    @@ -559,7 +559,7 @@

    $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    - if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to edit comments on this post, so you cannot disapprove this comment.');
    }

    @@ -579,7 +579,7 @@

    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    - if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to edit comments on this post, so you cannot approve this comment.');
    }

    @@ -604,7 +604,7 @@
    }
    $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    - if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
    + if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'], $comment)) {
    die('You are not allowed to edit comments on this post, so you cannot approve this comment.');
    }

    @@ -631,7 +631,7 @@
    $newcomment_author_url = $_POST['newcomment_author_url'];
    $comment_status = $_POST['comment_status'];

    - if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) {
    + if (!user_can_edit_post_comments($user_ID, $comment_post_ID, $comment_ID)) {
    die('You are not allowed to edit comments on this post, so you cannot edit this comment.');
    }

    diff -uNr wp1.5wp-includesfunctions-post.php wp1.5_ev1lwp-includesfunctions-post.php
    --- wp1.5wp-includesfunctions-post.php Wed Feb 16 22:01:52 2005
    +++ wp1.5_ev1lwp-includesfunctions-post.php Tue Feb 22 16:56:00 2005
    @@ -381,15 +381,20 @@
    }

    /* returns true if $user_id can edit $post_id's comments */
    -function user_can_edit_post_comments($user_id, $post_id, $blog_id = 1) {
    +function user_can_edit_post_comments($user_id, $post_id, $comment_id, $blog_id = 1) {
    + $author_data = get_userdata($user_id);
    + $post_data = get_postdata($post_id);
    + $post_author_data = get_userdata($post_data['Author_ID']);
    + $commd = get_commentdata($comment_id, 1);
    +
    // right now if one can edit a post, one can edit comments made on it
    - return user_can_edit_post($user_id, $post_id, $blog_id);
    + return user_can_edit_post($user_id, $post_id, $blog_id) || ($author_data->user_level == $post_author_data->user_level && $author_data->user_nickname == $commd['comment_author']);
    }

    /* returns true if $user_id can delete $post_id's comments */
    -function user_can_delete_post_comments($user_id, $post_id, $blog_id = 1) {
    +function user_can_delete_post_comments($user_id, $post_id, $comment_id, $blog_id = 1) {
    // right now if one can edit comments, one can delete comments
    - return user_can_edit_post_comments($user_id, $post_id, $blog_id);
    + return user_can_edit_post_comments($user_id, $post_id, $comment_id, $blog_id);
    }

    function user_can_edit_user($user_id, $other_user) {
    diff -uNr wp1.5wp-includestemplate-functions-links.php wp1.5_ev1lwp-includestemplate-functions-links.php
    --- wp1.5wp-includestemplate-functions-links.php Wed Feb 16 15:49:02 2005
    +++ wp1.5_ev1lwp-includestemplate-functions-links.php Tue Feb 22 16:50:00 2005
    @@ -193,8 +193,8 @@
    global $user_ID, $post, $comment;

    get_currentuserinfo();
    -
    - if (!user_can_edit_post_comments($user_ID, $post->ID)) {
    +
    + if (!user_can_edit_post_comments($user_ID, $post->ID, $comment->comment_ID)) {
    return;
    }

  6. timmfin
    Member
    Posted 9 years ago #

    I'd like to use that diff but all the directory slashes seem to be omitted. (Eg. wp1.5_ev1lwp-includestemplate-functions-links.php). Could you email me the diff?

  7. JoeyDay
    Member
    Posted 8 years ago #

    It would be great if this could be made into a plugin. In the mean time, would someone mind emailing me a working copy of this diff?

  8. Sphyr
    Member
    Posted 8 years ago #

    * my eyes glaze over *

    I came looking for this feature - my regular commenters are asking for the ability to edit their own comments to fix misspellings, etc.

    A plugin would be great. Built-in to WordPress would be even better. I'd offer to code, but I don't know php. :(

  9. Rubke
    Member
    Posted 7 years ago #

    is this feature still not implemented in v2.x ?

  10. Chris_K
    Member
    Posted 7 years ago #

    True.

    Has anyone added it to http://trac.wordpress.org/ or searched for plugins that may have been developed in the last two years since the thread started?

  11. Kafkaesqui

    Posted 7 years ago #

    Go here:

    http://codex.wordpress.org/Plugins/Comments

    There's something to be found...

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.